Dan Kaminsky - Stack Black Ops: New Concepts for Network Manipulation
What can your network do? You might be surprised. Layer by layer, this talk will examine previously undocumented and unrealized potential within modern data networks. We will discuss aspects of the newest versions of scanrand, a very high speed port scanner, and the rest of the Paketto Keiretsu. Interesting new techniques will also be discussed, including:
* Bandwidth Brokering - a technique that allows market-based load balancing across administrative boundaries using existing TCP protocols
* DHCP-less Bootstrapping - a sub-optimal but effective strategy for bootstrapping network access for hosts that cannot directly acquire a DHCP lease
* State Reconstruction - a design model that allows stateless network scanners (such as scanrand) to acquire deep knowledge about scanned hosts
* Multihomed Node Detection - a simple set of techniques that expose firewalled hosts with alternate paths to an unfirewalled network link
* Generic ActiveX Encapsulation - a step-by-step methodology for safely launching arbitrary win32 tools (such as putty or a Cygwin OpenSSH environment) from a web page
We will also be discussing significant advances in data visualization, made necessary by the sometimes daunting amount of raw information these sorts of tools can expose one to.
Dan Kaminsky, also known as Effugas, is a Senior Security Consultant for Avaya's Enterprise Security Practice, where he works on large-scale security infrastructure. Dan's experience includes two years at Cisco Systems designing security infrastructure for large-scale network monitoring systems, and he is best known for his work on the ultra-fast port scanner scanrand, part of the "Paketto Keiretsu", a collection of tools that use new and unusual strategies for manipulating TCP/IP networks. He authored the Spoofing and Tunneling chapters for "Hack Proofing Your Network: Second Edition", and has delivered presentations at several major industry conferences, including Linuxworld, DefCon, and past Black Hat Briefings. Dan was responsible for the Dynamic Forwarding patch to OpenSSH, integrating the majority of VPN-style functionality into the widely deployed cryptographic toolkit. Finally, he founded the cross-disciplinary DoxPara Research in 1997, seeking to integrate psychological and technological theory to create more effective systems for non-ideal but very real environments in the field. Dan is based in Silicon Valley.